Improved approaches for effectuating changes to security policies in a
distributed security system are disclosed. The changes to security
policies are distributed to those users (e.g., user and/or computers) in
the security system that are affected. The distribution of such changes
to security policies can be deferred for those affected users that are
not activated (e.g., logged-in or on-line) with the security system.